Latest Server related questions

My web application is running on a dedicated linux server located at a major hosting company. It needs to connect to an API provider, but libCurl always reports a connection timeout. I've boiled it down to the simplest test I can, which is to make a request with no payload via CLI curl. From our server, it always times out:

[linesk5@millenniumfalcon home]$ curl --connect-timeout 5 https://gatewa ...

I have have tried the following ways to import a certificate to the localmachine store via PowerShell. The console was running as administrator.

Import-PfxCertificate -Exportable -Password (secure.string) -CertStoreLocation Cert:\LocalMachine\My -FilePath 'certificatepath.pfx'

I also tried

$PFXFile = certificatepath.pfxc
$PFXPassword = secure.string
$PFXObject = New-Object -TypeName System.Securi ...

In a tightly closed down environment, I have a linux machine acting as router with a fireHOL firewall (iptables), limitting not only inbound traffic, but also outbound traffic.

Office 2019 applications running on windows 10, suffer from frequent hangs and freezing. We do not think this is related to bad installations (everything was tried already), but rather the firewall blocking lots of connect ...

I'm trying to get DRBL working on Fedora Server 37 for a Beowulf HPC cluster and want the compute nodes to be diskless.

I'm using the latest package for DRBL: drbl-4.5.16-drbl1.noarch.rpm

When I run drblsrv -i I get the following error:

********.

Installing DRBL for RedHat/Fedora Linux...

Your OS version is:: FC37

*******.

Do you want to set up the proxy server?

[y/N] N*

********.

No yum repository s ...

I created a clean Ubuntu 22.04 VM in Virtualbox and I want to deploy openstack using devstack.

I followed the guide in the Openstack documentation and I encountered the following error: [ERROR] /opt/stack/devstack/functions-common:730 git call failed: [git clone https://opendev.org/openstack/requirements.git /opt/stack/requirements --branch master] Error on exit /opt/stack/devstack/tools/worlddum ...

Using DD-WRT, dnsmasq seems to be failing to correctly resolve hosts, and I can not understand why.

root@gcs:~# cat /etc/resolv.conf
nameserver 192.168.1.1

root@gcs:~# cat /tmp/dnsmasq.conf
...
dhcp-option=6,10.3.4.10,10.4.4.10

root@gcs:~# nslookup mclarkdev.com
nslookup: can't resolve '(null)'
nslookup: can't resolve 'mclarkdev.com'

root@gcs:~# nslookup mclarkdev.com 10.3.4.10
Server:    10.3.4 ...

I just implemented zone transfer restrictions (IP plus tsig key) on my bind server. I assume this should mean that the entire zone contents are not accessible by anyone anymore, correct?

If I place comments (leading semi-colon) in my zone files, is there any way an external user can see the comments?

Do comments only exist in the file, and are ignored/not loaded into memory when the zone is loaded?

I am setting up a robotics platform, which, while in maintenance mode will be connected via ethernet to the ground station. However while in operation, this same device will be connected via WiFi.

The ground station will have a router running DD-WRT where I can do some firewall manipulation.

How can I configure iptables such that inbound packets to a specific port will first be routed to Ethernet (@ .1 ...

For a long time I've been wanting to deploy an OpenID IdP of the ones that didn't caught on that you entered and address, i.e; an OpenID, and the service would take you to your IdP SAML-style where you'd authorize it afterwards, the ones that had this logo: It was even supported on the Stack Exchange Network too; that logo should look familiar to most users here.

However, the fact that that address is ...

I have a program that reads data from shared memory and send it to a non-blocking socket in a single-threaded manner. When I'm hammering the traffic into that application, I can only see the TOP cpu percentage about 60% and not going higher, even the data I pump up into the shared memory is overflowing in the producer side.

I want to understand if this 60% is the true limit or some dubious behavi ...

i want to limit the ssh tunneling per user I did create a user with only ssh tunneling permission ( no shell, no directory ) now I want to limit this user not be able to connect multi devices simultaneously to this tunnel ( I don't want to bind device's mac address to the user since they might change their device or firewall things ). does changing the user maxlogin on /etc/security/limits affect ssh tu ...

I'm new to *bsd systems. Usually in linux-based I add routes like that:

# eth0 ip address
ip a add 10.100.1.2 dev eth0

# gw is accessible via eth0 interface
ip route add 10.100.2.1 dev eth0

# default route via 10.100.2.1
ip route add default via 10.100.2.1 dev eth0

I don't understand what's wrong with my command for openbsd. It's freshly installed with no custom configs at all.

# that's one's o ...

I have a full fledged AD DS running on Windows server 2016. I have a spring app which I am using to authenticate against my active directory database using a simple authentication bind over a ssl connection. I want to examine the contents of all incoming bindRequests to the AD server, whether they succeed or fail.

Furthermore, I want to troubleshoot whether the name form in the bind request is be ...

I have the current network setup: two subnets are connected using an Ubiquiti EdgeRouterX, subnet 1 has a switch mirroring all traffic on that subnet to the router and on subnet 2 there is a host where I want to receive all the mirrored data.

Using a RaspberryPi I managed to send all the mirrored traffic using an IPIP tunnel, but I'm unable to do it using the router.

When I run tcpdump on the router ...

I am curious to understand if there is any documentation around automating and scheduling the data transformation pipelines using GCP+BigQuery+JupyterLab.

For instance, if there are 6 BigQuery tables under a project. I would like to design data transformations on these tables with the help of 3 Jupyter Lab files and aggregate the resultant dataframe to produce a BigQuery table with the help of au ...

So my question is - is there any concern to add a CNAME for one domain controller to provide to copiers and other internal sites/applications?

I read that Active Directory doesn't truly "need" a load balancer so if that's true then providing a "VIP" via CNAME to one specific IP would accomplish my goals.

Example: CNAME Ldap.example.com 10.1.1.2
Existing: domain controller: A dc1.example.com 10.1.1.2

I frequently have to create Directories and set permissions on Samba-Shares which are joined to foreign Domains without Trust Relationship to my "home" Domain.

Mounting and creating Directories works fine

New-PSDrive -Name "F" -PSProvider FileSystem -Root $someNAS -Persist -Credential $admin_in_foreign_domain

New-Item -Path "F:\a\b\testdir" -ItemType Directory

but changing Permissions on that newly crea ...

I have a scenario that repeats itself every few hours. In every few hours, there is a sudden increase in row exclusive locks in PostgreSQL DB. In Meantime there seems that some queries are not responded in time and causes connection exhaustion to happen that PostgreSQL does not accept new clients anymore. After 2-3 minutes locks and connection numbers drops and the system comes back to normal sta ...

We have an SFTP server running using OpenSSH for Windows, with basically the default settings.

An automated client, which I have no control over, sends thousands of XML files at once, and uses a separated connection for each file (open, drop file, close).

This results in the server getting hammered by 20+ connections per second, spiking the CPU up to 80 - 100%. Now this wouldn't be a problem, but I  ...

I have created a container with Debian (Debian 11 template) on top of Proxmox 7.0.8. It is essential that the operating system keep the time synchronized and for this I installed chrony, but it does not start.

journalct -xe dump:

root@pamiweb:~# journalctl -xe
-- Support: https://www.debian.org/support
--
-- A start job for unit chrony.service has begun execution.
--
-- The job identifier is 103811 ...

I have several directories in an ext4 filesystem that I can't delete. When I run rm -rf on the directories ps aux | grep rm shows a status of D for the process. I have tried allowing it to run for several days.

The same directories have the same issue with ls. I have tried to mv and to rsync the directories to a different block device - these commands have the same issue. I can mv directories withi ...

I want to know how I can check why one of my ctrl node and kubernetes consumes more cpu than the others.

I have a cluster with 3 ctrl nodes and 4 worker nodes.

I have an nginx load balancer with the least_conn algorithm to distribute the requests to the ctrl nodes.

Monitoring the resources with the top command, I observe that of the three ctrl nodes, the kube api server process always in the first ctrl ...

we have CentOS server installed on 83GB FS size while the OS disk size is 480gb

how can we increase the FS to use the whole disk (sda, 480gb)?

[root@server ~]# df -kh
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/vg01-lvroot   83G   14G   65G  18% /
devtmpfs                 7.9G     0  7.9G   0% /dev
tmpfs                    7.9G     0  7.9G   0% /dev/shm
tmpfs                  ...

I applied a windows update to Windows 11 and since then I have been unable to connect to remote machines using MSTSC, the error is "An authentication error has occured. The Local Security Authority cannot be contacted." I can connect to the same remote machine from other sources. Googling this focuses on fixing the remote machine, which I have proven isnt the issue.

I have also tried to connect to ...

If you have two rewrite rules, and the first gets applied, does the second use the rewritten result of the first, or the original URL? I cant find this info in the documentation.

I know there are multiple questions about this but none of them fixed my problem. Please don't close my question.

I had created a bash script for itself adding it one by one with ifconfig. I was using those for creating proxies with 3proxy. But after a while it was getting disconnected and slower. I discovered ndppd. It was working on eth0. I have changed a server and it is not working on ens192. I'm  ...

My application uses squid proxy (squid3) and since the requests are sent through a http tunnel to the proxy am unable to fetch some response time parameters like DNS lookup time and TCP handshake time. Am wondering if Squid has any API or logs that contain data like time taken for DNS lookup, TCP handshake, SSL handshake, etc... which I can implement in my NodeJS app.

Thanks in advance !!!

I have a local website on Debian 11 which is rarely used so I thought I might want to start Apache using systemd socket activation when visiting the site and then shut down after few minutes of inactivity.

After installing apache on debian I stop and disable the service with systemctl disable --now apache2.service, then create /etc/systemd/system/apache2.socket with the following content, reload syst ...

I use Kubespray to setup my cluster and run my applications on it. However, my applications need getting client source ip. Therefore, I need set externalTrafficPolicy as Local in svc. But this is not a good solution, especially for building HA applications.

I tried Calico + ebpf, but it doesn't work. (see https://github.com/projectcalico/calico/issues/7252). I aslo tried Cilium and client source ip ...

So couple days ago I installed NGINX 1.23.3 QUIC with Brotli, TLS 1.3, OpenSSL 1.1.1s with HTTP/2 and HTTP/3... so server with fastcgi and php-fpm... when I load site for first time it works with http2 and everything is fine. After reload page, or I visit on site some article or category there is no more domain.com in links... for example https: //example.com/somecat/subcat... with http3 is https ://som ...